Part 1: Multi-Layered Security PlanSecurity is a fundamental aspect of any network infrastructure. The goal is to always have the most up to date programs and protocols to ensure the protection of the network. No aspect is too small to over look. That could mean the difference between a secure network and a compromised network. The best way to achieve this is to break down every level and approach each one as a separate entity and secure it. Then you can modify it to suit the needs of your network.

We can start with the Application layer. The Application layer provides the interface to the user. First the end user should be subjected to a background check to ensure against any potential malicious or questionable acts in the users past. Then the end user should be properly trained in the use of the computer and the proper protocols to access the network. Updates should be made frequently to keep the user up to date. When the user is in the network, make sure that any unnecessary devices, USB ports and any back doors are disabled. You also want to make sure that all files and emails and downloadable attachments are all thoroughly scanned prior to downloading. Finally, be sure to ensure content filtering, and restrict the end user to only what pertains to their primary function.

The Presentation layer is responsible for encoding and decoding data that is passed from the application layer to another station on the internetwork. You must first ensure that all USB ports are disabled, as well as CD and DVD. This helps to prevent any unauthorized uploads or downloads Make sure that any devices that are not pertinent to the user are disabled as well. To prevent any downloads, use filtering and antivirus scanning. Make sure that any external devices are not used unless proper authorization is obtained. Update all software regularly and enable password protection and screen lock out when the computer is inactive.

The session layer is responsible for creating, managing and terminating sessions that are used by entities at the presentation layer. First you must secure the physical part by making sure that your closets are secure under lock and key and video monitored as well. Make sure that you have an access list of personnel authorized into the closet and keep a log of all who access the closets. Use the highest key possible for all wireless access points. Finally, make sure that all the work stations are individually encrypted as well. You could use two forms of authorization at the users work station.

The Transport layer implements reliable internetwork data transport services that are transparent to upper-layer protocols. First you want to disable ping, probing and port scanning on all the IP devices in the LAN to WAN, this helps prevent phishing and trolling for open ports or any vulnerabilities in the network. you also need to make sure you disable all IP port numbers and monitor with intrusion detection and intrusion prevention systems. You would also like to monitor all of the inbound traffic for any questionable items and apply file transfer monitoring, scanning, and alarming for unknown files. Finally, you should continuously check for vulnerabilities and fix them when they are found, and ensure domain name content filtering is used to keep users on task.

The Network layer defines routing services that allow multiple data links to be combined into an internetwork. You should first restrict using the internet for private communications, set permissions to deny any social or streaming web sites or pages. Then put firewalls in place and apply Acceptable Use Policy in accordance to the RFC 1087: Ethics and the internet. Then get your ISP to put the proper filters on its IP router interfaces. Finally, you should back up all data in an offline, and of site location. Be sure to scan all email attachments for possible threats to...

YOU MAY ALSO FIND THESE DOCUMENTS HELPFUL

...report gives a brief description the general security solutions planned for the safety of data and information that belongs to the organization. The outline will provide elements of a multi-layered security plan, and will indicate a general security solution for each of the seven domains of a typical IT infrastructure. Also I will describe a layer of security for each of the seven domains.
First a...

...﻿
Network SecurityStrategy
(Student’s Name)
(Professor’s Name)
(Course Title)
(Date of Submission)
Introduction
As the director of information security for a medium sized organization with headquarters and 8 remote offices, I am charged with the task of developing a strategy that will ensure that the organization’s systems are never impacted by malwares either internally or externally. Although a 100% protection is...

...SecurityDomain and Strategies
The Richman Company is a successful and prosperous firm with branches in eight locations throughout the country and Canada. To support its growth, the company uses both an intranet and an extranet network. These networks are essential to the successful operation of the company because they provide the means of communicating with all employees, who use the intranet to enroll in company benefit programs. These...

...Network security concepts
Network security starts with authenticating, commonly with a username and a password. Since this requires just one detail authenticating the user name —i.e. the password— this is sometimes termed one-factor authentication. With two-factor authentication, something the user 'has' is also used (e.g. a security token or 'dongle', an ATM card, or a mobile phone); and with three-factor authentication, something the user 'is' is...

...﻿
Domain 5 of CISA Exam
Protection of Information Assets
Clarence Murphy
4345146
ISSC471 IT Security: Auditing
American Military University
Dr. Eric Yocam
23 Oct 2014
Domain 5 of CISA Exam
Protection of Information Assets
Introduction
Domain 5 of the CISA exam covers protection of information assets and includes eight areas of competence. This part of the CISA exam is weighted 30 percent of the overall score, which is the...

...﻿
Information Security
ISSC361
6/23/2012
Jerry Cade
Internet Security
Internet security is a division of actions aimed at securing information based on computers and in transit between them. In the modern environment the two subjects are intimately linked. Neither computers nor the networks that connect them are inherently secure. Computers were subject to attack before the Internet became a public utility—because illegitimate...

...Project 2
Professor Dr. Bob Folden
INFORMATION SECURITYSTRATEGY AND ARCHITECTURE
The path for risk management and the security panels consumed by a corporation are offered by information securitystrategy and architecture, which is very important to any companies and organizations. The security architecture would need to define the way that obligation would be accomplished in the numerous regions of...

...﻿
Perimeter SecurityStrategy
Hal Hagood
U02a1
Perimeter SecurityStrategy
With data breaches on the rise, companies must remain vigilant in safeguarding their assets. Failure to stay in front of data threats will inevitably result in breaches, financial losses, and tarnished reputations. This especially true for company such as EverGreen Financial and effective and meaning management is key.
For years, companies...